Société : BNP Paribas Real Estate Lieu : Brussels Brussels Site source : Talent BE
).
You check compliance with and observance of security standards and apply/deploy new operationalsecurity solutions.You implement the security measures formalised/observed in projects by the GSO, contribute to the reflexion around the optimised security architecture and submit the implementation for the security assessment phase occurring before the official testing phase of the project.You propose areas for IT security improvement and implement good security practices.You implement & coordinate the closure of the recommendations that result from the penetration/intrusion tests.
You act as the Single Point of Contact on behalf of the IT Dept towards the local GSO as well as the Security representatives of the Head office by applying the security guidelines provided by them in the operations, projects & proof of concepts.
This imply that on the field you will liase with the IT Production, architecture, development, IT risk, DPO and DQA teams to ensure that the security rules are well respected according to needs while acting as a facilitator for those collaborators with the aim of favorising automationTogether with the local GSO, you contribute to the formalization an appropriate BENE procedural framework to govern IT securityoperational processes You configure and ensure operational maintenance of security solutions, execute operationalsecurity actions, ensure data are well protectedYou lead technical IT security incidents resolution on the field, notably by continuously monitoring security solutions, analysing the logs, liasing with external parties( when involved) and have periodical reportings towards the local GSO.You ensure the follow up in the execution of the obsolescence Mgt plans & IT continuity plans of assets by managing upgrades to the correct versions in compliance with the consistency & continuity of application assets.You report and implementsecurity remediation plans in relation with the IT risks with the collaboration of the IT Risk Officer.You analyse and correct anomalies leading to IT security flaws reported by usersYou act as the contact point for IT suppliers in order to follow up the execution of the implementation at their side on our behalf as well as assess the deliverables related to IT security aspects of the solutions / products.You check with the collaboration of the Infrastructure team the compliance of technical / telecom/ application flows and issue alerts in the event of non-IT security compliance with norms and standards.You setup, adjust & monitor operational IT security indicators/KPIs and action plans in order to remedy to non-compliant features, in collaboration with the IT Production, GSO & CISO teams.
Deliverables:
vRespect ofcompliance of the IT security architecture planvAssessment and remediation plans of IT security audits & reports resultsvAssessment and remediation plans of IT security recommendations within projectsvSecurity monitoring reports & action plan of systemsvSecurity Problem/Incident Management reports & remediation plansvAssessment and remediation plans of IT security risksvVulnerabilities & obsolescence reports & remediation plans via security patching follow ups & upgradesvEnrichment of IAM via extracts of source applications to facilitate Access rights Mgt reviewsvMaintenance of inventories in relation with IT security related assetsvApply remediation plans in relation with IT security related assetsvOperationalsecurity KPI reports & follow up of formalisationvAssurance security plan elaboration & assessment reports for outsourced activities vFormalisation of the procedural framework Continuous improvement initiativeYour participation in proposing and, where appropriate, carrying out actions to apply security measures within applications while automating tasks in view to optimise the solution and act as a facilitor to the stakeholders is of key essence.
Contributing to the elaboration of data & APIs while ensuring their protection by adopting an orchestrated/structured approach is valuable.
Your capacity to collect & analyze data to manage and improving the security performance of solutions via a technical or process angle would be of added value.We expect you to be open to new solutions and prospects for developing the technologies, tools and methodologies used.
Education, experience and skills vBachelor degree in computer engineering/ cyber security engineeringvAt least 6 years of experience in the IT security domainvAt least 6 years of experience with IT network engineering, IT Risk and CybersecurityvExcellent written and oral communication skills in English (must) and Dutch/French (desired);vCertification:
ISO27001, ITIL Tools – methodologies – technologies ØIdentity Access Management (IAM) solutions -Priviledged Access Management (PAM)-Single Sign One (SSO)-IAM workflows management, recertification, training exercises, reconciliation-‘Non-standard’ rights management ØData Protection solutionsØLogs collection solutionsØForensic, SIEM, antimalware and EDR solutionsØCryptology solutionsØNetwork security and firewall administrationØVulnerability management solutions CompetencesØAnalytical abilityØAbility to Deliver / Results DrivenØAbility to collaborate / TeamworkØAttention to Detail / RigourØCreativity & Innovation / Problem SolvingØAbility to anticipate business / strategic evolutionPrimary Location:
